CLAIM AMENDMENTS 
Listing of Claims: 

CLAIMS 

1. (currently amended) A method for attestation comprising generating a user 
attestation-signature valu e (DAA') for use with a verification computer— (40), the user 
attestation-signature valu e (DAA') corresponding to at least one attribute (A, B, C, D), each with 
an attribute value (w, x, y, z), none, one, or more of the attribute values (w, y) remaining 
anonymous for transactions performable by a user devic e (20) having a security modul e (22) with 
the verification computer-(40), the method step of generating comprising the steps of: 

- providing a user public ke y (PKui) and a proof value that demonstrates that the user public key 
(PKuc) was validly derived from a module public key (PKihm) of the secudty module-(22); 

- receiving from an attester computer-(30) 

(I) an attestation valu e (cert) having the at least one attribute (A, B, C, D) with its 
attribute value (w, x, y, z), none, one or more of the attribute values (x, y) remaining 
unknown to the attester computer-(30), 

the attestation value-(e*rf) being derived from an attester secret key (SK A c) , a user 
public ke y (PKuc) , and none, one, or more attester determined attribute values (w, z), 

the user public ke y (PKuc) inherently comprising none, one, or more user 
determined attribute values (x, y), and 

(II) at least one of the attester determined attribute values (w, z); and 

- deriving the user attestation-signature valu e (DAA') from the attestation valu e (cert) and a 
security module attestation valu e (DAA) provided by the security module (22), 

wherein it is verifiable whether or not (i) the user attestation-signature valu e (DAA') was validly 
derived from the security module attestation valu e (DAA) and the attestation value-(eerf), and 
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that (ii) the attestation value-(eer*) is associated with a subset (B, D) of at least one attribute, each 
attribute in the subset (B, D) having a revealed attribute value (x, z). 



2. (currently amended) The method according to claim 1, wherein the step of deriving the user 
attestation-signature valu e (DAA') further comprises the steps of: 

receiving from the security modul e (22) a first security module attestation valu e (T'i) ; 

deriving an intermediate user attestation-signature valu e (C") from the first security module 
attestation valu e (T'i) under use of an attester public ke y (PKac) and a hash function; 

providing the intermediate user attestation-signature value-(€ L ^ to the security module-<22); 

receiving from the security module-(22) a part of the user attestation-signature valu e (DAA) ; and 

calculating by the user devic e (20) further parts of the user attestation-signature valu e (DAA') 
using none, one, or more of the attribute values (w, y), the received part of the user 
attestation-signature valu e (DAA), the user public ke y (PK UC ), and the attester public ke y (PK A c) - 

* 

3. (currently amended) The method according to eteims claim 1 and-2-, wherein the user public 
key (PICuc) is derived from the module public ke y (PK im ) by using the attester public ke y (PK AC ) 
and the one or more of the attribute values (x, y). 



4. (currently amended) The method according to any of flic claim s claim i-te-J, wherein the user 
device^ provides encryptions under a trusted third parly's public key of one or more of the 
attribute values (w, y) that remain unknown to the verificatioh computer-(49). 



5. (currently amended) A method for attestation comp risinp issuing an attestation value-(eef*) for 
the generation of a user attestation-signature valu e (DAA') corresponding to at least one attribute 
(A, B, C, D), each with an attribute value (w, x, y, z), none,; one, or more of the attribute values 

i 

(w, y) remaining anonymous for transactions performable byj a user device-^©) having a security 
module-(23) with an attester computer^), the method step of issuing comprising the steps of: 
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- receiving from the user device-(30) a user public ke y (PKuc) that inherently comprises none, 
one, or more user determined attribute values (x, y) invisible to the attester computer-^) and a 
proof value demonstrating that the user public ke y (PKuc) was validly derived from a module 
public ke y (PKi m ) of the security module-(32); 

- issuing the attestation valu e (cert) based on an attester secret key (SK A c), the received user 
public key (PKuc), and none, one, or more attester determined attribute values (w, z); and 

- providing the attestation value-feerf) to the user devic e (20), 

wherein the user attestation-signature valu e (DAA') is derivable by the user device (20) from the 
attestation valu e (cert) and a security module attestation valu e (DAA) provided by the security 
module-(22), and it is verifiable whether or not (i) the user attestation-signature value (DAA') 
was validly derived from the security module attestation valu e (DAA) and the attestation value 
ieert), and that (ii) the attestation value-(ee^ is associated with a subset (B, D) of at least one 
attribute, each attribute in the subset (B, D) having a revealed attribute value (x, z). 



6. (currently amended) A method for attestation comprisinp verifying a user attestation-signature 
value (DAA') generated from an attestation valu e (cert) , the user attestation-signature value 
{©AA^ corresponding to at least one attribute (A, B, C, D), each with an attribute value (w, x, y, 
z), none, one or more of the attribute values (w, y) remaining anonymous for transactions 
performable with a user device-(2e) having a security module-(22), the method step_of verifying 
comprising the steps of: 

- receiving from the user device^©) the user attestation-signature valu e (DAA') ; and 

- verifying whether or not (i) the user attestation-signature valu e (DAA') was validly derived 
from a security module attestation valu e (DAA) provided by the security module-{22) and an 
attestation value^eert), and (ii) the attestation value-fee/-*) is associated with a subset (B, D) of at 
least one attribute, each attribute in the subset (B, D) having a revealed attribute value (x, z), 

the attestation value-(eert) being derived from an attester secret key (SK AC ), a user 
public key (PK UC ), and at least one attribute value (w, z) that remains anonymous, 
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the user public ke y (PKuc) inherently comprising a user determined attribute value 

(x, y). 



7. Method according to claim 6, wherein the step of verifying further comprises: 

computing a first user attestation-signature verification valu e by using the user 

attestation-signature valu e (DAA'), the attester public ke y (PK AC ) , and the revealed attribute 
values (x, z); and 

checking whether or not the first user attestation-signature verification value-(G^ is comprised in 
the user attestation-signature valu e (DAA') . 



8. (currently amended) A computer program element comprising program code means for 
performing the method of any one of the efatms claim 1 h»-7 when said program is run on a 
computer. 



9. (currently amended) A computer program product stored on a computer usable medium, 
comprising computer readable program means for causing a computer to perform the method 
according to any one of the claims claim l-to-7. 



10. (currently amended) A system for using a user attestation-signature valu e (DAA' -) that 
corresponds to at least one attribute (A, B, C, D), each with an attribute value (w, x, y, z), none, 
one, or more of the attribute values (x, y) remaining anonymous for transactions, the system 
comprising: 

a user device-(2e) having a security module^) that provides a module public key (PK im ) and a 
security module attestation valuev, the user device-(2e) providing a user public key (PKuc) that 
inherently comprises none, one, or more user determined attribute values (x, y) and a proof value 
demonstrating that the user public ke y (PK UC ) is validly derived from the module public key 
(PKipm) of the security module^33); 
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an attester computer-(33) that provides none, one, or more attester determined attribute values 
(w, z) and an attestation valu e {cert) that bases on an attester secret key (SK A c) , the user public 
ke y (PKuc) , and the none, one, or more attester determined attribute values (w, z); and 

a verification computer-(40) for verifying whether or not (i) the user attestation-signature value 
(DAA') was validly derived from the security module attestation valu e (DAA) provided by the 
security modul e (22) and the attestation valu e {cert), and (ii) the attestation valu e {cert) is 
associated with a subset (B, D) of at least one attribute, each attribute in the subset (B, D) having 
a revealed attribute value (x, z). 

1 1 . (currently amended) The method according to claim 2, wherein the user public key- is derived 
from the module public key by using the attester public key and the one or more of the attribute 
values (x, y). 

12. (new) The method according to claim 2, wherein the user device-provides encryptions under 
a trusted third party's public key of one or more of the attribute values (w, y) that remain 
unknown to the verification computer? 

13. (new) The method according to claim 3, wherein the user device provides encryptions under 
a trusted third party's public key of one or more of the attribute values (w, y) that remain 
unknown to the verification computer. 

14. (new) An article of manufacture comprising a computer usable medium having computer 
readable program code means embodied therein for causing attestation, the computer readable 
program code means in said article of manufacture comprising computer readable program code 
means for causing a computer to effect the steps of claim 1 . 

15. (new) A program storage device readable by machine, tangibly embodying a program of 
instructions executable by the machine to perform method steps for attestation, said method steps 
comprising the steps of claim 1 . 
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16. (new) An article of manufacture comprising a computer usable medium having computer 
readable program code means embodied therein for causing attestation, the computer readable 
program code means in said article of manufacture comprising computer readable program code 
means for causing a computer to effect the steps of claim 5. 



15. (new) A program storage device readable by machine, tangibly embodying a program of 
instructions executable by the machine to perform method steps for attestation, said method steps 
comprising the steps of claim 5. 



16. (new) An article of manufacture comprising a computer usable medium having computer 
readable program code means embodied therein for causing attestation, the computer readable 
program code means in said article of manufacture comprising computer readable program code 
means for causing a computer to effect the steps of claim 6. 

17. (new) A program storage device readable by machine, tangibly embodying a program of 
instructions executable by the machine to perform method steps for attestation, said method steps 
comprising the steps of claim 6. 



18. (new) A computer program product comprising a computer usable medium having computer 
readable program code means embodied therein for causing functions of a system for attestation, 
the computer readable program code means in said computer program product comprising 
computer readable program code means for causing a computer to effect the functions of claim 
10. 



19. (new) The method according to claim 1, wherein the step of deriving the user 
attestation-signature value-further comprises the steps of: 

receiving from the security module a first security module attestation value, 
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deriving an intermediate user attestation-signature value from the first security module 
attestation value under use of an attester public key and a hash fraction, 

providing the intermediate user attestation-signature value to the security module; 

receiving from the security module a part of the user attestation-signature value, and 

calculating by the user device further parts of the user attestation-signature value using 
none, one, or more of the attribute values (w, y), the received part of the user 
attestation-signature value, the user public key, and the attester public key; 

wherein the user public key- is derived from the module public key by using the attester public 
key and the one or more of the attribute values (x, y); and 



wherein the user device provides encryptions under a trusted third party's public key of 
more of the attribute values (w, y) that remain unknown to the verification computer. 



one or 



20. (new) A program storage device readable by machine, tangibly embodying a program of 
instructions executable by the machine to perform method steps for attestation, said method steps 
comprising the steps of claim 19. 
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